CSCE 413: Software Security

Regular UnderGrad Course, TAMU, 2025

What to expect from this course?

The educational approach will be inspired by:

  • Reverse Engineering
  • Exploit Development
  • Capture-the-Flag (CTF)

The content will cover typical vulnerabilities in:

  • Linux servers.
  • Android Apps.
  • Web Apps.

The projects will be hands-on. Students are expected to be able to find vulnerabilities in real apps.

Covered content:

  • Introduction to Security:
    • What is Security: ACID Properties.
  • Web Security:
    • OWASP Top-10 Web.
    • Directory Traversal.
    • Google Dorks.
    • Replay Attacks.
    • Authentication Failures.
    • Web Vulnerability Scanners.
    • Cross-Site Scripting (XSS).
    • SQL Injection.
  • Network Security:
    • Man-In-The-Middle (MITM) Attacks.
    • MITM with ARP Spoofing.
    • Multi-Stage Attacks.
    • Services open to the Internet (Shodan).
    • Service Discovery (NMAP).
    • Secure APIs.
    • Port Scanning and Port Knocking.
    • Honeypots.
  • Mobile Apps Security:
    • OWASP Top-10 Mobile.
    • Smali Code & App Repackaging.
  • Application Security:
    • CVEs & Outdated Software (ExploitDB).
    • Buffer Overflows.
    • Ret2LibC.
    • Return-Oriented Programming (ROP).
    • Shellcode Development.
    • Encoding: Metasploit.
    • ROP Defenses: Control Flow Integrity.
  • Malware:
    • Rootkits & LD_PRELOAD.
    • Detection with YARA Rules.
  • Crypto Miscellaneous:
    • Password Cracking, Rainbow Tables, and Salting.
    • Pseudo RNGs and Ransomware Key Recovery.
  • Automated Tools:
    • Vulnerability Scanners & Static Analyzers: CodeQL.
    • Fuzzing for Bug Finding with AFL.
    • Symbolic Execution with Angr.
  • Tracing:
    • Syscall Tracing with Strace.
    • Function Tracing with Ltrace.
    • Performance-based Tracing with Linux Perf.
  • Debugging:
    • Debugging with GDB and its Extensions (PwnTools).
    • Creating your own Debugger with PTRACE.